Skip to content

Commit 5ad0f65

Browse files
odyody
committed
Base paths to PSQL files on version number
Ues get_psql_info to dynamically set the path to files required for setting up authentication
1 parent 7661aae commit 5ad0f65

File tree

2 files changed

+16
-12
lines changed

2 files changed

+16
-12
lines changed

plans/add_replica.pp

+4-3
Original file line numberDiff line numberDiff line change
@@ -61,22 +61,23 @@
6161
)
6262

6363
# On the PE-PostgreSQL server in the <replacement-avail-group-letter> group
64+
$psql_version = run_task('peadm::get_psql_version', $replica_postgresql_target).first.value['version']
6465

6566
# Stop puppet and add the following two lines to
6667
# /opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf
6768
# pe-puppetdb-pe-puppetdb-map <replacement-replica-fqdn> pe-puppetdb
6869
# pe-puppetdb-pe-puppetdb-migrator-map <replacement-replica-fqdn> pe-puppetdb-migrator
6970
apply($replica_postgresql_target) {
7071
file_line { 'pe-puppetdb-pe-puppetdb-map':
71-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
72+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_ident.conf",
7273
line => "pe-puppetdb-pe-puppetdb-map ${replica_target.peadm::certname()} pe-puppetdb",
7374
}
7475
file_line { 'pe-puppetdb-pe-puppetdb-migrator-map':
75-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
76+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_ident.conf",
7677
line => "pe-puppetdb-pe-puppetdb-migrator-map ${replica_target.peadm::certname()} pe-puppetdb-migrator",
7778
}
7879
file_line { 'pe-puppetdb-pe-puppetdb-read-map':
79-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
80+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_ident.conf",
8081
line => "pe-puppetdb-pe-puppetdb-read-map ${replica_target.peadm::certname()} pe-puppetdb-read",
8182
}
8283
}

plans/subplans/db_populate.pp

+12-9
Original file line numberDiff line numberDiff line change
@@ -17,21 +17,24 @@
1717
$destination_target,
1818
]))
1919

20-
# Add the following two lines to /opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf
20+
# Retrieve source's PSQL version
21+
$psql_version = run_task('peadm::get_psql_version', $source_target).first.value['version']
22+
23+
# Add the following two lines to /opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_ident.conf
2124
#
2225
# These lines allow connections from destination by pg_basebackup to replicate
2326
# content
2427
apply($source_target) {
2528
file_line { 'replication-pe-ha-replication-map':
26-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
29+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_ident.conf",
2730
line => "replication-pe-ha-replication-map ${destination_target.peadm::certname()} pe-ha-replication",
2831
}
2932
file_line { 'replication-pe-ha-replication-ipv4':
30-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_hba.conf',
33+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_hba.conf",
3134
line => 'hostssl replication pe-ha-replication 0.0.0.0/0 cert map=replication-pe-ha-replication-map clientcert=1',
3235
}
3336
file_line { 'replication-pe-ha-replication-ipv6':
34-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_hba.conf',
37+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_hba.conf",
3538
line => 'hostssl replication pe-ha-replication ::/0 cert map=replication-pe-ha-replication-map clientcert=1',
3639
}
3740
}
@@ -42,15 +45,15 @@
4245
# Save existing certificates to use for authentication to source. Can not use
4346
# certs stored in /etc/puppetlabs/puppet/ssl because we will run pg_basebackup
4447
# as pe-postgres user, which lacks access
45-
run_command('mv /opt/puppetlabs/server/data/postgresql/11/data/certs /opt/puppetlabs/server/data/pg_certs', $destination_target)
48+
run_command("mv /opt/puppetlabs/server/data/postgresql/${psql_version}/data/certs /opt/puppetlabs/server/data/pg_certs", $destination_target)
4649

4750
# pg_basebackup requires an entirely empty data directory
4851
run_command('rm -rf /opt/puppetlabs/server/data/postgresql/*', $destination_target)
4952

5053
$pg_basebackup = @("PGBASE")
5154
runuser -u pe-postgres -- \
5255
/opt/puppetlabs/server/bin/pg_basebackup \
53-
-D /opt/puppetlabs/server/data/postgresql/11/data \
56+
-D /opt/puppetlabs/server/data/postgresql/${psql_version}/data \
5457
-d "host=${source_host}
5558
user=pe-ha-replication
5659
sslmode=verify-full
@@ -72,17 +75,17 @@
7275
apply($source_target) {
7376
file_line { 'replication-pe-ha-replication-map':
7477
ensure => absent,
75-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
78+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_ident.conf",
7679
line => "replication-pe-ha-replication-map ${destination_target.peadm::certname()} pe-ha-replication",
7780
}
7881
file_line { 'replication-pe-ha-replication-ipv4':
7982
ensure => absent,
80-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_hba.conf',
83+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_hba.conf",
8184
line => 'hostssl replication pe-ha-replication 0.0.0.0/0 cert map=replication-pe-ha-replication-map clientcert=1',
8285
}
8386
file_line { 'replication-pe-ha-replication-ipv6':
8487
ensure => absent,
85-
path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_hba.conf',
88+
path => "/opt/puppetlabs/server/data/postgresql/${psql_version}/data/pg_hba.conf",
8689
line => 'hostssl replication pe-ha-replication ::/0 cert map=replication-pe-ha-replication-map clientcert=1',
8790
}
8891
}

0 commit comments

Comments
 (0)